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Claim Amendment Summary 

Claims pending 

• At time of the Action: Claims 1-48. 

• After this Response: Claims 1, 4-26, 28-30, 32-42, and 44-48. 
Canceled or Withdrawn claims: 2, 3, 27, 31, and 43. 
Amended claims: 1,4, 11, 19, 25, 30, 36, 41, 42, 47, and 48. 

New claims: none 

Please amend claims 1, 1 1, 19, 25, 30, 36, 41, 42, 47, and 48 as follows: 

1. (CURRENTLY AMENDED) In a paging operating system having 
physical memory for holding information and secondary storage comprising a 
page file for receiving information that is paged out from the physical memory, a 
computer-implemented method of protecting information comprising: 

creating a key and page locking the key in the physical memory, wherein 
creating the key comprises creating the key during system boot up, wherein 
different keys can be created during different system boot ups; 

encrypting information using the [[a]] key that is pag e- lock e d in th e 
physical m e mory ; and 

paging out, to the page file, the encrypted information. 

2-3. (CANCELED) 

4. (CURRENTLY AMENDED) The computer-implemented method 
of claim \ [[2]], wherein said creating the key further comprises generating a 
random key with a random key generator. 



Lee & Hayes, pllc 



2 



11 15041 12S O:\Docs\MSI\0407US\407077.DOC 



5. (ORIGINAL) The computer-implemented method of claim 4, 
wherein said generating comprises using RSA RC4 as an encryption algorithm to 
generate the key. 

6. (ORIGINAL) The computer-implemented method of claim 1, 
wherein said encrypting comprises: 

calling an operating system kernel; 

the kernel using the page-locked key to encrypt the information. 

7. (ORIGINAL) The computer-implemented method of claim 6, 
wherein said calling is performed by an application. 

8. (ORIGINAL) The computer-implemented method of claim 6, 
wherein said calling is performed by an operating system memory manager. 

9. (ORIGINAL) One or more computer-readable media having 
computer-readable instructions thereon which, when executed by a computer, 
perform the computer-implemented method of claim 1 . 

10. (ORIGINAL) An operating system programmed with instructions 
which, when implemented by the operating system, implement the method of 
claim 1. 

11. (CURRENTLY AMENDED) In a paging operating system having 
main memory for holding information and secondary storage comprising a page 
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file for receiving information that is paged out from the main memory, a 
computer-implemented method of protecting information comprising: 

creating a key during system boot up, wherein different keys can be created 
during different system boot ups; 

page-locking the [[a]] key in main memory; 

restricting access to the page-locked key to only the operating system 

kernel; 

calling the operating system kernel to encrypt information; 
accessing the page-locked key with the operating system kernel; and 
using the operating system kernel to encrypt the information with the page- 
locked key. 

12. (ORIGINAL) The computer-implemented method of claim 11, 
wherein said calling is performed by an operating system memory manager. 

13. (ORIGINAL) The computer-implemented method of claim 11, 
wherein said calling is performed by an application. 

14. (ORIGINAL) The computer-implemented method of claim 11 
further comprising prior to said calling: 

designating at least one page in the main memory with a designation; 
recognizing the designation and, responsive thereto, calling the operating 
system kernel to encrypt the information. 

15. (ORIGINAL) The computer-implemented method of claim 14, 
wherein said recognizing is performed by the memory manager. 
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16. (ORIGINAL) The computer-implemented method of claim 11, 
wherein said calling comprises specifying a memory location and a memory size 
associated with the information to be encrypted. 

17. (ORIGINAL) One or more computer-readable media having 
computer-readable instructions thereon which, when executed by a computer, 
perform the computer-implemented method of claim 1 1 . 

18. (ORIGINAL) An operating system programmed with instructions 
which, when implemented by the operating system, implement the method of 
claim 11. 

19. (CURRENTLY AMENDED) In a paging operating system having 
main memory for holding information and secondary storage comprising a page 
file for receiving information that is paged out from the main memory, a 
computer-implemented method of handling encrypted information comprising: 

accessing encrypted information in the page file; and 

decrypting the encrypted information with a key created during system boot 
up, wherein different keys can be created during different system boot ups and 
wherein the key that is page-locked in the main memory. 

20. (ORIGINAL) The computer-implemented method of claim 19 
further comprising placing the decrypted information in a page of main memory. 
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21. (ORIGINAL) The computer-implemented method of claim 19 
further comprising placing the decrypted information in a page-locked page of 
main memory. 

22. (ORIGINAL) The computer-implemented method of claim 19, 
wherein the page-locked key is accessible only to the operating system kernel. 

23. (ORIGINAL) One or more computer-readable media having 
computer-readable instructions thereon which, when executed by a computer, 
perform the computer-implemented method of claim 19. 

24. (ORIGINAL) An operating system programmed with instructions 
which, when implemented by the operating system, implement the method of 
claim 19. 

25. (CURRENTLY AMENDED) In a paging operating system having 
main memory for holding information and secondary storage comprising a page 
file for receiving information that is paged out from the main memory, a 
computer-implemented method of protecting information comprising: 

allocating a non-pageable page of main memory during system boot ; 

generating a random ke y, wherein different keys can be generated during 
different system boots; and 

storing the random key in the non-pageable page of main memory, the 
random key being configured for use by the operating system to encrypt 
information that might be paged out to the page file. 
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26. (ORIGINAL) The computer-implemented method of claim 25, 
wherein said generating comprises using an RSA RC4 encryption algorithm. 

27. (CANCELED) 

28. (ORIGINAL) One or more computer-readable media having 
computer-readable instructions thereon which, when executed by a computer, 
perform the computer-implemented method of claim 25. 

29. (ORIGINAL) An operating system programmed with instructions 
which, when implemented by the operating system, implement the method of 
claim 25. 

30. (CURRENTLY AMENDED) In an operating system having main 
memory for holding information and secondary storage for receiving information 
that is transferred out of main memory, a computer-implemented method of 
protecting information comprising: 

generating at least one non-pageable random key by using a random key 
generation process during system boot up. wherein different keys can be generated 
during different system boot ups ; 

encrypting at least one selected block of information in the main memory 
with a software component that uses the at least one random key for encryption; 

transferring the one encrypted block of information to the secondary 
storage; 

decrypting the one encrypted block of information with the software 
component that uses the at least one random key for decryption; and 
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placing the decrypted block of information in the main memory. 

31. (CANCELED) 

32. (ORIGINAL) The computer-implemented method of claim 30 
further comprising restricting access to the at least one random key to only the 
software component. 

33. (ORIGINAL) The computer-implemented method of claim 30, 
wherein the software component comprises the operating system's kernel. 

34. (ORIGINAL) The computer-implemented method of claim 30 
further comprising: 

storing the at least one random key in the main memory; and 
locking the at least one random key in the main memory so that it does not 
get transferred to the second storage. 

35. (ORIGINAL) An operating system programmed with instructions 
which, when implemented by the operating system, implement the method of 
claim 30. 

36. (CURRENTLY AMENDED) A system for use in protecting 
pageable information comprising: 

a memory having pageable and non-pageable pages; and 
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at least one key created during system boot and stored in the memory in a 
non-pageable page, the key being configured for use in encrypting pageable 
information , wherein different keys can be created during different system boots . 

37. (ORIGINAL) The system of claim 36 further comprising a software 
component that is configured to access and use said one key to encrypt pageable 
information. 

38. (ORIGINAL) The system of claim 37, wherein the one key is 
accessible only to the software component. 

39. (ORIGINAL) The system of claim 37 further comprising at least 
one application configured to call the software component to encrypt the pageable 
information. 

40. (ORIGINAL) The system of claim 37 further comprising a memory 
manager configured to call the software component to encrypt the pageable 
information. 

41. (CURRENTLY AMENDED) A computer program embodied on 
one or more computer-readable media, the program comprising: 

creating a key and page locking the key in main memory of a computer, 
wherein creating the key comprises creating the key during system boot up, 
wherein different keys can be created during different system boot ups; 
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encrypting information with the [[a]] key that is page look e d in main 
m e mory of a comput e r ; 

paging out, to secondary storage, the encrypted information; 

accessing the encrypted information in the secondary storage; and 

decrypting the encrypted information with the key that is page-locked in the 
main memory. 

42. (CURRENTLY AMENDED) A programmable computer 
comprising: 

a processor; 

main memory for holding information; 

secondary storage for receiving information that is temporarily transferred 
out of the main memory; 

the computer being programmed with computer-readable instructions 
which, when executed by the processor, cause the computer to: 

generate a key during system boot up. wherein different keys can be 
generated during different system boot ups; 

page lock the key in the main memory; 

encrypt information that is to be transferred to the secondary storage with 

the [[a ]] key that is lock e d in th e main m e mory ; 

transfer the encrypted information to the secondary storage; and 

decrypt the encrypted information with a key that is locked in the main 

memory. 

43. (CANCELED) 
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44. (ORIGINAL) The programmable computer of claim 42, wherein 
the key that is used to encrypt the information is the same key that is used to 
decrypt the information. 

45. (ORIGINAL) The programmable computer of claim 42, further 
comprising a software component that is programmed to encrypt and decrypt the 
information. 

46. (ORIGINAL) The programmable computer of claim 45, wherein 
the software component comprises the operating system's kernel. 

47. (CURRENTLY AMENDED) One or more application 
programming interfaces embodied on one or more computer-readable media for 
execution on a computer in conjunction with a paging operating system having 
main memory for holding information and a page file for receiving information 
that is paged out from the main memory, comprising: 

an interface method for generating a key during system boot up, wherein 
different keys can be generated during different system boot ups; 

an interface method for page locking the key in the main memory, 

an interface method for encrypting pageable information with the [[a]] key 
that is pag e- lock e d in th e main m e mory ; and 

an interface method for decrypting encrypted information that is contained 
in the page file. 

48. (CURRENTLY AMENDED) An application programming 
interface embodied on a computer-readable medium for execution on a computer 



Lbe & Hayes, pllc 



11 



// 15041 125 O:\Docs\MSl\0407US\407077.DOC 



1 

2 
3 
4 
5 
6 
7 
8 
9 
10 
11 
12 
13 
14 
15 
16 
17 
18 
19 
20 
21 
22 
23 
24 
25 



in conjunction with a paging operating system having main memory for holding 
information and secondary storage comprising a page file for receiving 
information that is paged out from the main memory, comprising a method for 
setting an attribute on a page of main memory, the attribute designating that the 
page must be encrypted with a key created during system boot up and that is page- 
locked in the main memory prior to the page being paged out to the page file a 
wherein different keys can be created during different system boot ups . 
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